Seamonkey was updated to 2.40 (boo#959277) to fix security issues and bugs.

The following vulnerabilities were fixed:

* CVE-2015-7575: MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature
* CVE-2015-7201/CVE-2015-7202: Miscellaneous memory safety hazards
* CVE-2015-7204: Crash with JavaScript variable assignment with unboxed objects
* CVE-2015-7207: Same-origin policy violation using perfomance.getEntries and history navigation
* CVE-2015-7208: Firefox allows for control characters to be set in cookies
* CVE-2015-7210: Use-after-free in WebRTC when datachannel is used after being destroyed
* CVE-2015-7212: Integer overflow allocating extremely large textures
* CVE-2015-7215: Cross-origin information leak through web workers error events
* CVE-2015-7211: Hash in data URI is incorrectly parsed
* CVE-2015-7218/CVE-2015-7219: DOS due to malformed frames in HTTP/2
* CVE-2015-7216/CVE-2015-7217: Linux file chooser crashes on malformed images due to flaws in Jasper library
* CVE-2015-7203/CVE-2015-7220/CVE-2015-7221: Buffer overflows found through code inspection
* CVE-2015-7205: Underflow through code inspection
* CVE-2015-7213: Integer overflow in MP4 playback in 64-bit versions
* CVE-2015-7222: Integer underflow and buffer overflow processing MP4 metadata in libstagefright
* CVE-2015-7223: Privilege escalation vulnerabilities in WebExtension APIs
* CVE-2015-7214: Cross-site reading attack through data and view-source URIs